|
@ -0,0 +1,49 @@ |
|
|
|
|
|
use actix_web::{HttpRequest, HttpResponse};
|
|
|
|
|
|
use actix_web::error::{ErrorBadRequest, ErrorUnauthorized, Result};
|
|
|
|
|
|
use actix_web::middleware::{Middleware, Started};
|
|
|
|
|
|
|
|
|
|
|
|
use crate::config::model::Config;
|
|
|
|
|
|
use crate::config::model::UserConfig;
|
|
|
|
|
|
use crate::server::router::AppState;
|
|
|
|
|
|
|
|
|
|
|
|
fn valid_username_and_token_in_vec(username: &str, token: &str, users: Vec<&UserConfig>) -> bool {
|
|
|
|
|
|
for user in users {
|
|
|
|
|
|
if user.username == username && user.token == token {
|
|
|
|
|
|
return true;
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
return false;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
pub struct APIAuthForRootAndZone;
|
|
|
|
|
|
|
|
|
|
|
|
impl Middleware<AppState> for APIAuthForRootAndZone {
|
|
|
|
|
|
fn start(&self, req: &HttpRequest<AppState>) -> Result<Started> {
|
|
|
|
|
|
let config: &Config = &req.state().config;
|
|
|
|
|
|
let match_info = req.resource().match_info();
|
|
|
|
|
|
let root = match_info.get("root");
|
|
|
|
|
|
let zone = match_info.get("zone");
|
|
|
|
|
|
if root.is_none() || zone.is_none() {
|
|
|
|
|
|
Ok(Started::Response(HttpResponse::BadRequest().into()))
|
|
|
|
|
|
} else {
|
|
|
|
|
|
match config.get_users_for_root_and_zone(root.unwrap(), zone.unwrap()) {
|
|
|
|
|
|
Some(users) => {
|
|
|
|
|
|
let username_header = req.headers().get("X-AUTH-USERNAME");
|
|
|
|
|
|
let token_header = req.headers().get("X-AUTH-TOKEN");
|
|
|
|
|
|
if username_header.is_none() || token_header.is_none() {
|
|
|
|
|
|
Ok(Started::Response(HttpResponse::BadRequest().into()))
|
|
|
|
|
|
} else {
|
|
|
|
|
|
let username = username_header.unwrap().to_str();
|
|
|
|
|
|
let token = token_header.unwrap().to_str();
|
|
|
|
|
|
if valid_username_and_token_in_vec(username.unwrap(), token.unwrap(), users) {
|
|
|
|
|
|
Ok(Started::Done)
|
|
|
|
|
|
} else {
|
|
|
|
|
|
Ok(Started::Response(HttpResponse::Unauthorized().into()))
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
None => Ok(Started::Response(HttpResponse::Unauthorized().into()))
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|